Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Cust...| Microsoft Security Blog
Cyble investigates the DOGE BIG BALLS Ransomware, analyzing its operation and the false ties made to Edward Coristine.| Cyble
Command and Scripting Interpreter:| attack.mitre.org
Executive Summary Throughout 2024, RevEng.AI has been actively monitoring LummaStealer as part of its mission to uncover and analyse emerging threats across the commodity malware landscape. In mid January 2025, we observed a LummaStealer campaign being distributed via ClickFix - in the form of fake reCAPTCHA pages. RevEng.AI| RevEng.AI Blog
Lumma Stealer is an advanced information-stealing malware targeting cryptocurrency wallets and browser data. Learn how it evades detection, spreads through cracked software and social media, and how to protect your systems.| Gridinsoft LLC
Summary| Cybersecurity and Infrastructure Security Agency CISA